Intelligence And Counterintelligence News Review

The Air Force Loves War Gamers Like Teixeira


With the federal government spending at least $1 billion annually on defense and civilian agency programs to neutralize ‘insider threats,’ it’s no wonder that people are asking how it was possible that secret documents posted by Jack Teixeira, a low-level 21-year-old Massachusetts Air National Guard airman, were able to circulate through the backwaters of the Internet for months before authorities even became aware of their existence.

After the massive document dumps by Chelsea Manning and Edward Snowden, new systems were put in place to prevent, or at least rapidly track, such unauthorized access to top secret files. The shiny new application touted to detect insider threats was artificial intelligence. Obviously it didn’t work in the Teixeira case.

Today, defense contractors make millions of dollars selling AI insider threat systems that are meant to predict which government employee might pose a potential national security threat. These tech entrepreneurs make big claims about their AI’s accuracy in identifying leakers, and claim an urgent need both for their systems and for access to ever more data. 

Palantir is probably the best-known developer of such technologies. Its CEO Alex Karp recently claimed that AI systems are “very dangerous” but, in the context of wars like Ukraine, have “fundamentally changed the world” and cannot be put “back in the box.” Palantir claims its tools for rooting out insider threats enable enterprises to “identify suspicious or abnormal employee behavior using a variety of algorithmic methods.” To a similar end, last year the Pentagon awarded a “multi million dollar contract” to Torch.AI, a Leawood, Kansas-based data infrastructure artificial intelligence company, “to support the Pentagon’s efforts to combat insider threats,” known as the System for Insider Threat Hindrance, or SITH. According to its CEO Brian Weaver, “There are few situations where the quality and availability of data is more important than cyber and insider threat.” Obviously it didn’t prevent Teixeira and his pals from widely sharing top secret documents.

Egg on its Face

The Discord leak is embarrassing for the National Insider Threat Task Force, a government-wide program under the Director of National Intelligence tasked with deterring, detecting, and mitigating threats just like this one. As recently as April 10, National Security Council spokesman John F. Kirby was in the dark on key aspects of the hemorrhage, saying the NSC still did not know how much material was public, who was behind it or their motive.

“Insider Threat” is a concept with a long history, catalyzed following the Chelsea Manning leaks in President Obama’s Executive Order 13857, which established an interagency Insider Threat Task Force to develop a government-wide program. Its concepts, also articulated in NATO’s Cooperative Cyber Defence Centre of Excellence, have long sought AI prediction tools to identify potential leakers, based on past offenders like Snowden or Manning. But it would be old-fashioned human-powered journalism by Bellingcat’s Aric Toler and The New York Times, not AI, that swiftly identified the leaker after spotting the documents on Russian Telegram.
